e1e8fe95693c9cffa68360a02a3a91402949035466e1b42b126e49390d5a7519

General

Target

e1e8fe95693c9cffa68360a02a3a91402949035466e1b42b126e49390d5a7519.sample
Size

7KB
Sample

210726-wd82tfl9la
MD5

7cd8e2fc5fe2dc351f24417cc1d23afa
SHA1

1490ee2d05b8862d17bb87bc00f0f0cc21c5505f
SHA256

e1e8fe95693c9cffa68360a02a3a91402949035466e1b42b126e49390d5a7519
SHA512

a2ad0e06d71fa0e22d1e6aa03756de7b5b115a5f7c8dde36585d30c54ea3734bc135196b98686b359a181902db2f7a561b14617b8d965c8c62f50c07571ac5c3

Score

10^/10

ransomware

Malware Config

Extracted

Path

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\!_READ_ME_!.txt

Ransom Note

Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: content715@yahoo.com === BEGIN === AD7D6889 010200000168000000A400007D1161EE82522CAB 2CB9917BD7FA2831A0600C507133C96C78FE2603 6C0485A94CD59D397EA040852F811B89DF833633 7BBD8A42154A5AD77BDC97F6E6D2B6D651444489 6D521308679963EFD666250B01C09FB479C2CD8A 4C1A8DDBD9ADCFAF0BD2967B2F09A8040A4A6431 1472DB432F3E8DCF907819E4105421598AF11417 === END ===

Emails

content715@yahoo.com

Wallets

1472DB432F3E8DCF907819E4105421598AF11417

Extracted

Path

C:\odt\!_READ_ME_!.txt

Ransom Note

Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: decrypt482@yahoo.com === BEGIN === AD7D6889 010200000168000000A40000481EF46E868E6A86 27B808E31DBE4423400BA74FFAA2D94F6938C40F 41821BE180E45408AEEE7374AA4225DD8D6864D1 4FBCF6C0B7A7B1D16F93145EBF468A187E7C376D 8A93665CEE0F65AC0FA28DA92A16F4EF5B7BA3C3 3549438760EB5FACD4AB1D4F06A1B5BFD8A8EAA6 35E5776048FDE181600A4DDA97BEC26501841D2C === END ===

Emails

decrypt482@yahoo.com

Wallets

3549438760EB5FACD4AB1D4F06A1B5BFD8A8EAA6

35E5776048FDE181600A4DDA97BEC26501841D2C

Targets

- Target
  
  e1e8fe95693c9cffa68360a02a3a91402949035466e1b42b126e49390d5a7519.sample
- Size
  
  7KB
- MD5
  
  7cd8e2fc5fe2dc351f24417cc1d23afa
- SHA1
  
  1490ee2d05b8862d17bb87bc00f0f0cc21c5505f
- SHA256
  
  e1e8fe95693c9cffa68360a02a3a91402949035466e1b42b126e49390d5a7519
- SHA512
  
  a2ad0e06d71fa0e22d1e6aa03756de7b5b115a5f7c8dde36585d30c54ea3734bc135196b98686b359a181902db2f7a561b14617b8d965c8c62f50c07571ac5c3
Score

10^/10

ransomware
- Deletes itself
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2